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I.     INTROD0CTI2» 

This  thesis  is  a  continuation  of  the  thesis  "  The 
Preliminary  Personnel  Data.  Base  Design  for  the  Indonesian 
Navy  ",  by  Moedjiono  at  the  Naval  Postgraduate  School, 
Monterey,    California,   June    1982. 

Since        1977,  the        Indonesian        Navy        Data        Center 

(DISPULAHTAL)  has  collected  and  processed  personnel  data  to 
support  the  leadership  in  the  Navy  in  their  decision  making. 
In  1980  work  began  on  the  design  of  personnel  database 
system.  Computerization  of  personnel  data  took  place  only 
within  the  Department  of  Personnel  and  was  limited  to  admin- 
istrative purposes.  However,  other-  departments  in  the  Navy, 
such  as  Intelligence,  Operations,  Logistics,  and  Planning  , 
had  to  work  with  an  increasing  and  more  complex  amount  of 
data.  With  every  department  maintaining  its  own  personnel 
data  there  were  discrepancies.  Information  was  often  incom- 
plete or  uniformly  updated,  sinos  not  all  departments 
received  data  changes.  The  increasing  availability  of  data, 
and  the  importance  of  timely  decision-making  emphasized  the 
need  to  establish  a  computer  system  which  could  accommodate 
these   needs. 

Since  information  is  a  recognized  source  of  economic 
value,  the  data  wich  comprise  the  information  should  be 
secured  adequately.  2.  B.  Fernandez  [Ref.  5]  defines  infor- 
mation  as: 


a    critical  resource  in    today's   enterprises,    whether   they 
are   industrial,    commercial,    educational,    or    civic. 

Information   has   been  widely   recognized      as   a   resource   of 
economic   value   to    an  enterprise. 


This  thesis  proposes  to  continue  the  design  work  of  a 
personnel   database    system   begun    in    1983. 

As  the  use  of  computers  increases,  the  number  of  people 
who  might  have  access  to  confidential  information  also 
increases,  emphasizing  the  importance  of  access  security. 
In  the  military,  a  leakage  of  information  could  endanger 
national  security.  Data  on  secret  weapons,  numbers  and 
distribution     of      personnel,  emergency      procedures,        and 

personnel  background  are  important  to  the  enemy. 
Internally,  misuse  cf  lata  may  result  in  corruption  of 
totals  of  data  in  compiling  salary  lists  or  theft  cf  secret 
information    for    use    by  the    enemy.  The    absence    of    any   type 

of  data  protection  may  lead  to  unintentional  errors  by  an 
operator  resulting  in  the  destruotion  or  damage  of  data. 
Natural  disasters  also  may  destroy  information  or  data. 
Damaged  information  may  lead  to  inaccurate  decisions,  which 
may    jeopardize    national   security. 

To  prevent  the  above  mentioned  problems,  it  is  essential 
to  provide  protective  mechanisms  to  database  systems.  In 
other   words,    there    is  a   need   for    database   security. 

In  view  of  the  developments  of  personnel  database  in  the 
Indonesian  Navy  and  the  absence  of  protective  mechanisms, 
this  thesis  propose  a  concept  to  provide  security  for  data 
that  will  be  the  basis  for  decisions  made  by  the  leadership 
of    the    Navy. 

There  are  many  varieties  of  database  types,  but  this 
thesis  will  be  limited  to  the  security  of  personnel  data- 
base.     The   six    sections   cf    this   th?sis   are: 

I.  Introduction. 

II.  The  current  proposed  personnel  database 
systems 

III.  The  needs  for  security  protection. 

IV.  The  Multics  concepts. 
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V.  Implement ation   of   Baltics   in   database 
security. 

VI.  Conclusions  and  Recommendations . 


This  personnel  database  security  concept  will  be  a 
contribution  to  the  security  of  computerized  data  processing 
in   the   Indonesian   Navy. 


1  1 


II.     THE   30BHENT    PROPOSED    PERSONNEL    DATA3ASE    SYSTEM 

The   present    Database   systems    [Ref.    3]   have  the    following 
objectives: 

-  Reducing   redundancy 

-  Sharing  of  data 

-  Avoiding   inconsistency 

-  Enforcing   standards 

-  Maintaining  integrity,    and 

-  Balancing   of    conflicting    requirements. 

This   database   contains    97    data    sleients   divided    into   two 
(Ref.    10.]   basic    groups: 

1.  static  data    elements. 

2.  Dynamic    data    elements. 


A.       STATIC    DATA    ELEMENTS 

Static  data  elements  consist  of  data  that  will  not 
change    frequently. 

For    example: 

Main  Identification  constitutes  a  group  by  itself 
containing  the  elements  numbered  1 J 1  to  108.  Data  elements 
rarely  retrieved  by  applications  programs  are  entered  into 
Personnel  Characteristic  (element  ft  200)  which  in  turn  are 
divided   into  the   following    four  sub-groups: 

1.  Marriage    subgroup    (element    #    303)    containing   elements 
numbered    301    and   302. 

2.  Address    subgroup    (element    #   -HO)       containing   elements 
numbered    401    to  403    . 
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3.  Body  characteristic  subgroup  (element  #  500) 
containing   elements    numbered    501    to    511. 

4.  Category  and  Status  subgroup  (element  #  600) 
containing   elements    numbered    501    to    607. 

B.       DYNAMIC    DATA    ELEMENTS. 

Dynamic  data  elements  are  those  which  are  frequently 
changed.  They  are  divided  into  several  subgroups  corre- 
sponding  to   their   historical    data.    These    groups    include: 

1.  Rank  group  (element  #  700)  containing  elements 
numbered    701    to  707. 

2.  Profession  group  (element  #  330)  containing  elements 
numbered    80  1    to  8 10. 

3.  Education  group  (element  #  900)  containing  elements 
numbered    901    to   9  09. 

4.  Education  group  (element  #  1100>  containing  elements 
numbered  1101  to  1106.  This  group  is  divided  into  two 
subgroups : 

a.    Activity   and    profession    subgroup    (element    #    1200) 
containing  elements    numbered    1201    to    1204. 

t.    Family    education   subgroup    (element    #    1300) 
containing  elements   numb 2 red    1301    to    1303. 

5.  Payroll  group  (element  #  1400)  containing  elements 
numbered    1401    to    1414. 

6.  Security  group  (element  #  15  3  0)  containing  elements 
numbered  1501  tO  1506.  This  group  is  divided  into  the 
following   two  (2)     subgroups: 

a.  who    involved    subgroup    (element    #    1500)     containing 
elements    numbered    1601    to    1603. 

b.  Measures    subgroup    (element    #    1700)    containing 
element    numbered    1701    to    1703. 

(For    complete  overview  of   element    numbering   see    Appendix    A.) 
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The  above   database  systam   foras  i   hierarchy  as   ilus 
tratsd  in  the  model  below: 


MAINID 


PERSCH&R         RANK      PR3FF      EDUC 


FAN       PAYROLL         SEC 


MARR       ADDR    BODYCHAR    CATEG 


SaBJ       FACT       FEDUC 


WHO    MEAS 
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III.     THE    NEED    FOR    SECURI3?I    PROTECTION 

A.       GENERAL    APPROACH 

The  use  of  automata!  data  processing  equipment  has 
become  widespread  because  it  permits  the  handling  and 
storage  of  vast  amounts  of  information  at  an  affordable 
cost . 

The  military  benefits  from  the  use  of  computers  include 
spaed  and  accuracy  of  data  collsction  which  results  in 
timely  and  improved  decisions.  Besiis  these  advantages  a  new 
hard-to-solve  problem  emerges,    that    of   information    security. 

The  basic  problem  is  illustratsi  in  Figure  3.1  Users  and 
data  at  variDus  security  levels  desire  simultaneous  access 
to   the   machine's   resources. 

Data  with  all  security  levels  are  stored  on  the  system. 
Users  with  proper  security  credentials  are  granted  data 
accesses.  Navy  security  policy  raguires  that  an  individual 
must  possess  the  required  non-discreticnary1  and  discre- 
tionary2 privileges  before  being  granted  access  to  the 
information. 

In  fact,  application  of  coraputsrs  in  Indonesia  is  new, 
so  careful  considerations  should  accompany  the  design  and 
implementation    of   the  basic    concepts    of    database    security. 


1  Non-discretionary  security  requires  that  the  individual 
has  a  security  clearence  of  higher  or  equal  level  than  the 
level   of   the  information    requested. 

2Discretiorary  security  requires  that  the  individual 
possesses    a    proper    need-to-Know   for    requested    information 
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Figara  3.1    Problem  Description. 
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Frequent  foal  play  often  takes  place  because  of  the  lack. 
of  protection  when  using  computer  systems ,  as  well  as 
protection   of  the   database    systems. 

In  the  military,  particularly,  information  is  very 
important.  Leakage  or  corruption  of  military  information 
could  endanger  national  security.  Information  about  secret 
weapons,  numbers  and  distribution  of  personnel,  emergency 
procedures,  and  personnel  background  /data  are  all  very 
important  to  the  enemy.  On  the  other  hand,  for  authorized 
users  updated  data  is  very  important  since  an  error  in  the 
data    may   produce   faulty    decisions. 


B.       DEFINITIONS 

Many  definitions  are  used  in  database  security.  The 
most  widely  used  definitions  acoording  to  Fenandez  E.3. 
(1981)    [Ref.   5]    are: 


"  Information  security  is  the  protection  of  information 
against  unauthorized  disclosure,  alteration,  or  destruc- 
tion." 


"      Database  security      is    the      protecti 
that   is   maintained   in   a   database." 


tion   of      information 


C.       SECURITY  THREATS 

A  database  security  violation  nay  take  form  as  unauthor- 
ized reading,  modification,  or  destruction  of  information 
stored  in  the  database.  Possible  threats  to  the  security  of 
a  computer  system  may  be  broadly  classified  as  either  mali- 
cious or   accidental    acts. 
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From: 

Database  Security  &  Integrity 

By  E.B.  Fernandez 


Figure  3.2        Security    Threats. 

In  Figure  3.2  ,  we  see  the  possibility  of  a  malicious 
conduct  by  exploiting  loopholes  in  the  system.  There  are 
also  threats  resulting  from  human  srrors,  suoh  as  acciden- 
tally destroying  information,  or  allowing  it  to  be  sean  by 
unauthorized  people.  In  addition,  natural  disasters  may 
destroy  or  pravent  access  to  information.  These  threats  are 
classified   as  nonmalicious    threats. 
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D.       SECURITY   PROCEDURES    A»D    MECHAHISSS 

Security  threats  arise  from  a  wide  variety  of  sources, 
therefore  procedures  and  mechanisms  necessary  to  provide  a 
secure   environment    must  cover   many  areas   of   the    enterprise. 

External  procedures  aust  be  sat  up  so  that  security 
mechanisms  implemented  within  the  system  can  be  effective. 
We  must  select  personnel  who  have  access  to  highly  classi- 
fied   information  through    security   cLearance   procedures. 

Storage  devices  and  other  hardware  oust  be  physically 
protected  against  any  damage  from  natural  disasters  or  mali- 
cious attack.  Protection  of  removable  storage  against  theft 
is  also  necessary.  We  also  need  backup  systems  for  copying 
data  files  at  different  locations  to  protect  against  infor- 
mation  loss. 

Information  may  be  stolen  or  tapped  during  transmis- 
sions,   and   encryption   is    one  way   to    protect   this    data. 

In  summary,  the  security  of  a  database  depends  on  a 
complex  set  of  protective  measures:  human,  software,  and 
hardware  [Ref.    14]. 


E.       SECURITY   POLICIES 

An   access-control3  system    determines      the   way    a   subject* 
may    access5    data    or    objects.6 


3 Access-control.  A  strategy  for  protecting  obiects  from 
unauthorized  access. 

♦Subject.  An  active  user  of  a  computer  system  together 
with  any  other  entity  acting  on  behalf  of  a  user  or  on 
behalf  of  the  system;  for  example,  processes,  jobs,  and 
procedures  may  be  considered  subjects.  Certain  subjects  may 
also    be   considered    to   be   objects   of   the    system. 

5Access.  The  ability  and  the  leans  necesary  to  store  or 
retrieve  data,  to  communicate  with,  or  otherwise  make  use  of 
any    resource  in    a   computer    system. 

60bject.  In  a  formal  security  model,  an  identifiable 
resource,  data  container  or  related  entity  of  the  system; 
the    counterpart    of    subject.         Software-created   entities   such 
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There  are  many  kinds  of  access-oontrol  policies  and  they 
depend  upon  the  categories  of  information  and  the  positions 
of   the  users    (subjects)  . 


Personnel 
Mgr . 


NAME 

- 

NAME 

SAL 

- 

SALARY 

MGR 

- 

MANAGER 

DEPT 

- 

DEPARTMENT 

Mailroom  Clerk 


Figure   3.3        Access-type-dependent    Access   Control. 

Figure  3.3,  shows  a  situation  where  nor  everybody  can 
see  the  whols  file.  Users  are  given  access  to  the  file, 
according  to  their    position. 


as  files,  programs  and  directories  are  objects,  as  well  as 
hardware  resources  such  as  memory  blocks,  disk  tracks, 
terminals,    and    tapes. 
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An  access  can  be  of  several  forns: 
r  -  read 
w  -  write 

a  -  append 
d  -  delete,  and 
3  -  execute 
An  execute   access  is  often   used  but  omitted   from  this 
model  due  to  the  fact  that   execute  access  in   the  proposed 
protection  architecture  is  similar  to  a  read  access. 

To  be  qualified  to  access  specific  data,  a  user  must 
conform  to  the  military  security  conventions  of  classifica- 
tion, category,  and  need-to-know. 


Figure  3-4    Coabination  of  Compartment  and  Levels. 

In  military,  for  example,  the  Army,  Navy  and  Air  Force  have 
different  kinds  of  categories  of  files  ranging  from  top 
secret  to  unclassified  files.   Thus   by   a  combination  of 
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compartmentaiization    and   levels,      a      good   policy    for   control 
information   flow   can   be   crsated. 


F.       MULTILEVEL    HODEL 

This  model  introduces  the  concspt  of  levals  and  catego- 
ries. Each  subject  is  assigned  a  clearance  level,  and  each 
object  is  assign  a  classification  lsvel.  Every  person  in 
the  military  has  different  security  levels  that  permit  how 
far  (s)  he  may  access  the  file  and  how  much  (s)h9  can  see  the 
file.  Therefore  a  security  levsl  is  a  composite  of:  {  A,  B 
},  where  A  is  the  classification  lsvel  and  B  is  the  set  of 
categories. 

One  security  level  is  said  to  dominate  another  if  and 
only    if: 

1.  its      classification      or    clearance      level      >      the 
other,    and 

2.  its    category    set   contains    the   other. 
Clearance     and      classification      levels      are      ordered     as 

follows: 

top  secret  >  secret 

secret  >  confidential 
confidential  >  unclassified 

Security  levels  are  only  partially  ordered  however,  so  that 
some  subjects  and  objects  are  not  comparable.  In  Figure  3.5 
,  L2  is  dominated  by  L1 ,  since  its  level  of  classification 
and  its  set  of  categories  is  higher.  On  the  other  hand 
security  levels  of  L1  and  L3,  ar=  not  comparable.  The 
elements  of  tie  above  model  are  summarized  in  Figure  3.6 
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Figare  3.5   Ordering  of  Security  Level. 

Access   to  an   object  can   be  through  either   observing 
(READ)  the  object  or  altering  (APPEND)  the  object,   and  from 
this  combination  we  can  determine  tha  accass  type: 

*  not    both 

*  READ 

*  APPEND 

*  WRITE 

The   multilevel      model   considers    tha      states   of      a    secure 
system,    which  are  described    by: 

1.  the  current   access   set,      which   is   a   set    of   triples 

(   subject,    object,   access    type    )    or    (s,c,t), 

2.  an  access    matrix. 
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!                        Element 

Interpretation 

i                Subject        s 

Process 

Object          o 

Data,  files.  . .  . 

1                Classifications 

Clearance  level  of  subject,  classification  level  o' 

1 

obiect 

Categories 

Access  privileges 

Security  level 

(Classification,  category  set) 

Access  attribute  t 

No  observe,  no  alter-  observe  only,  observe  and  alter; 

alter  only 

Access  matrix 

Discretionary  security 

Request 

Cnanges  current  access  or  otr-er  aspects  of  system 

state 

(s.  o,  t) 

Current  access 

Decision 

Yes.  no  error,  or  ? 

Rules 

Determine  decision,  next  state 

From: 

Database   Security    & 

Integrity 

E.B.    Fernandez 

Figure  3.6    Elements  of  the  Hultileval  Hodel. 

3.  the  security  level  of  each  subject,  ar.d 

4.  the  maximum  and  currant   security  levels   of  each 
subject. 


1. 


uirements   to    Read  Data   from   a   Data   Set 


A   user    may    read     a    set   of   data    if,      and      only   if  his 

clearance   dominates    the      classification   of   a   data      set.  The 

clearance      of   user    (U)    dominates  a   set   of    data    (D)       if,  and 
only    if, 

military   classification     (U)    >    military   classification    (D) 
category    (CF)    c   category     (D) 
U        need-to- know     (  read    D) 
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2 •      Requirement    to  Wri t e   Data    i i t o   a   Data    Set 

A  usee  may  not  write  data  into  a  set  of  data  if  the 
classification  of  the  data  he  is  writing  dominates  the  clas- 
sification of  the  data  into  which  ae  is  writing.  That  is  , 
if  the  user  wishes  to  write  data  (d)  into  data  set  (D)  ,  it 
is   required   that 

military   classification    (d)    <   military   classification    (D) 
category    (d)     2  category    ( D) 
U      need-to-fcnow    (write   D) 
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17.    THE    MOLTICS    CONCEPTS 

A.  GENERAL    CONCEPT 

The  Multiplexed  Information  and  Computing  System 
[Kef.  1]  (MULTICS)  ,  employs  the  coaoept  of  rings  of  protec- 
tion,   based   on: 

1.  Need   to    know,    and 

2.  Firewall,    to    minimize   damage    due    tc    errors. 

Basically  protection  of  data  oc  objects  in  Multics  is 
achieved  by  compartmentalizing  all  of  zhe  stored  information 
into  discrete  packages  called  segmaats,  where  each  is  asso- 
ciated  with   a  set   of    access    attribat ss. 

This  chapter  will  discuss  the  concepts  of  access 
coatrol,  protection,  and  filing  coacepts  in  Multics,  since 
these  filing  ooncepts  will  be  a  basis  for  the  implementation 
of   the   existiag    personnel   database    in    the    following   chapter. 

B.  ACCESS    CONTROL    AND   PROTECTION 

In  Multics,  compartmeatalizatioa  [Ref.  11]  is  achieved 
through   two   primary    mechaaisms: 

1.  Per-Segment    Access   Control 

2.  Concentric  Rings   of    Protectioa 

These   mechanisms   complement  ona    another. 

1 •      Per-segment    Access    Control 

Per-Segmeat  access  Control  is  a  means  of  denoting 
and  controlliag  the  type  of  access  to  a  particular  shared 
segment      given    to     an  individual      usar.         A      segment    may     be 
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shared  by  two  or  more  processes.  The  subject  who  creates  the 
segment  and  grants  permission  id  shar=  to  a  us^r,  may 
specify  the  type  of  access  to  be  given  to  each  grantee.  3y 
this  privilege,  Multics  guarantees  that  a  user  can  safeguard 
the  information  he  creates  and  files  away  for  future  use. 
Multics  permits  the  coexistence  of  many  processes,  each  of 
which  competes  for  the  system's  physical  resources  and 
employs   the   same   file  system   hierarchy. 

The  hierarchical  directory  structure  in  Multics 
which  controls  the  file  system  loo«s  like  ordinary  file.  It 
includesauthors,  users  listing  and  access  type  permitted  to 
each  user  which  is  granted  individually.  Each  author  listed 
in  the  directory  is  associated  with  a  file  in  the  access 
control    list    (    ACL    )  . 

2.      Concentric    Rings    of    Protection 

The  ring  mechanism,  by  contrast,  offers  intraprccess 
protection  cf  a  segment.  .  The  concentric-rings  concept  is 
essentially  a  generalization  of  S  (supervisor)  and  U  (user) 
domains.  The  segments  of  any  process  are  associated  with  a 
set    cf   generally   two    cr   possibly   mors    concentric    rings. 

A  ring  procedure  prevents  any  user  from  referring  to 
inner  ring  data  segments  which  have  higher  level  classifica- 
tion. A  user  is  permitted  to  access  more  privileged  proce- 
dures only  through  specially  controlled  entry  points  called 
"gates". 

By  subsetting  the  segments  of  a  process  into  rings 
and  by  effectively  controlling  interactions  and  communica- 
tion between  segments  of  different  rings  (supevisory  or 
userlike) ,  Multics  has  the  potential  to  isolate  trouble  and 
limit    the      damage   in   the    system.  When   an   outside      ring   is 

damaged,  this  will  not  effect  the  inner  ring,  but  damage  tc 
the  inner  ring  will  cause  damage  to  the  outside  ring  as 
well. 
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Ring        brackets      are        associated      with 
segments   as   shown   in    Figure    4.1    . 


accessible 


Figure   4.1        Segment   Privileges. 

Read  and  Writs  privileges  are  always  associated  with  a  ring- 
bracket  starting  at  ring  0.  In  Figure  4.1  for  example,  the 
read  bracke*  is  defined  as  ring  3  to  ring  4,  which  means 
that  if  a  process  is  currently  being  execut-d  in  ring 
0,1,2,3   or   4,   then    it   may   read  the   segment. 

The  Call  bracket  is  defined  as  ring  5  and  6,  which 
means  that  only  when  a  process  is  executing  in  ring  5  or  6 
can  it  call  this  segment  when  the  ssgment  is  being  executed, 
as   the   process    is   in   ring   3. 
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In  Multics  ,  all  storage  are  organized  as  named 
segments,  and  the  segment  is  the  unit  of  protection.  A 
segment   can   contain    either    data   or   procedures. 

A  Multics  process  is  usually  associated  with  an  end 
user  who  is  identified  by  a  unique  number.  In  the  da-abase 
context  an  eni  user  invoices  a  database  application  program 
by  combining  a  number  of  procedures.  Eventually  one  cf  these 
procedures  will  call  a  DBMS  proceiure,  which  in  -urn  may 
call  other  DBHS  or  operating-system  procedures.  The  user  can 
build  protected  subsystems  by  grouping  procedures  into 
segments   that   can   then  be   protected   from   one    another. 

Associated  with  each  process  is  a  descriptor 
segment,  which  is  a  vector  of  segment  descriptor  words 
(SDWs)  providing  addressability  to  all-  the  segments  acces- 
sible to  the  process.  A  directory  system  is  used  to  locate  a 
segment  when  it  is  first  referenced  by  a  process.  The  direc- 
tory entry  for  a  segment  contains  an  access-control  list 
specifying  which  users  can  access  tie  segment  and  what  their 
rights  are.  If  the  requested  access  is  authorized,  the 
segment  is  added  to  the  user's  virtual  memory  by  adding  the 
appropriate   SDH    to    the  usee's    descriptor   segment. 

Initially  all  information  is  stored  in  the  access- 
control  list.  However,  when  the  segment  is  first  referenced, 
the  information  is  copied  into  the  5DW  for  the  segment.  For 
every  subsequent  access  by  the  process  the  SDW  alone  is 
checked  by  hardware  to  determine  whether  an  access  is 
authorized. 


C.       HOLTICS    FILE    SYSTEM 

The  Multics      filing      system   consists      of      two      modules: 

Segment  Control   and      Directory  Control.           Here,       file      and 

segment  are     entirely     synonymous,       since      the      concept      of 

segment  is   merely  an   extension   of   the    concept    of    file. 
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The  segment  Control  Module  (SCM)  interprets  the  intent 
of  the  user's  symbolic  references  to  segments.  It  determines 
to  which,  if  any,  of  the  segmeti-s  already  known  to  the 
process  a  given  symbolic  name  refers.  If  none,  the  Segment 
Control  Module  must  then  determine  if  a  new  segment  is  to  be 
created  and   placed    in  the   hierarchy. 

When  using  the  SCM,  a  Known  Segment  Table  (KST)  is 
needed  to  store  segments  currently  part  of  the  process.  SCM 
maintains  control  over  these  refarsnce-name-segoent-number 
pairs  in  a  given  process.  Its  job  is  to  develop  and  reuse 
each    name-number  pair  in   its   proper    soatext. 

The  directory  Control  Module  (DZM)  is  used  to  search  all 
inquiries  about  the  status  or  location  of  segments  and/or 
their  descriptions,  because  only  this  module  is  permitted  to 
read    and   alter    the    contents    of   the   directory   segments. 


1 .      Directory  Structure 

This  filing      system    has      a   directory      structure  that 
contains    two  types    of  entries    which    may    be    added   to    it: 

1 .  branches    and 

2.  links. 

A  branch  is  a  detailed  description  of  a  segment 
located  in  the  secondary  storage  of  records  that  comprise 
the  segment.  A  link  is  a  special  kind  of  named  entry  whose 
purpose  is  to  point  to  another  entry,  normally  in  some  (any) 
other  directory.  This  allows  a  useful  form  of  cross- 
referencing  capability,  to  be  superimposed  over  the  basic 
tree  structure  formed  by  the  branch- type  entries.  Figure 
4.2  shows  an  example  of  the  conceptual  model  of  the  file- 
system  tree  structure. 
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From: 

The  Multics  System 

By  E.  I.  Organ ick 


Figure  4.2        Conceptual   Model   of  tha    Pile-systaa    Tree   Structure, 
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To  reach  a  certain  branch,  a  certain  path  is  needed 
using  path_nams  and  rslati?  e_path_name.  A  path_namef  is  a 
list  of  the  node  names  from  the  root  to  -he  branch  (or  link) 
inclusive,  where  elements  of  the  list  are  separated  by  the 
">"  character.  For  example,  to  search  for  "sub"  the 
following   path    name    is  used: 

">  user_dir_dir    >  projectl    >    usara1_directory    >    sub", 
and   to   search  for  "sort"    the    oath   name   used   is: 


">user_dir_dir    >    projscti    >   useca 1_diract ory    >    sort" 


directory   path   name  entry 

name 


path   name  for    the    branoh    (or    link) 

In  other  words,  the  Multics  link  is  considers!  a  shorthand 
for  symbolic  pathname,  therefore,  it  introduces  no  addi- 
tional  structure. 

Figurs  4.3  shows  rhat  from  iirectory  A,  the  symbolic 
name    "E"    is   shorthand     for    "   >    B   >   E    ".  Any   oath   name   may 

begin  with  "  >  ",  if  a  path  name  begins  with  other  than  " 
>* ,    the    given  path    is  referred   to   as    a   relative    path   name. 

At  all  times,  an  executing  process  is  associated 
with  a  working  directory.  This  is  a  directory  the  process 
happens   tc   be  currently   "using".  It   is    merely    a    reference 

marker  to  a  point  in  the  hierarchy  from  which  it  becomes 
convenient   to     describe  a   relative      path   to      other    segments. 
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Figure  4,3       Interpretation   of   Links, 

Thus,  a  tres  path  to  a  particular  node  may  be  described 
relative  to  the  working  directory  of  a  process.  For  example 
referring  to  Figure  4. 2  the  path  name  for  sort  is  simply 
"sort",  and  the  path  name  for  delets  is  "a1_library  >  deleta 
• 

It  is  also  possible  to  use  the  relative  path-name 
convention  when  referring  to  a  branch  that  is  not  a  descen- 
dant of  the  working  directory.  This  is  done  with  the  aid  of 
the      character    "<".  It   is      interpreted   as      parent   of      the 

working  directory.  And  "<<"  would  nean  parent  of  parent  of 
the  working  directory,  and  sc  on.  For  example,  relative 
path  name  far  <  usera3_directcry  >  is  "«  project2  > 
usera3_directory"  or        "  user__dir_iir  >        project2  > 

user  a 3_ directory" 
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2.      Elements  of   a  Secure   Maltiss 

Corresponding     to   a      szate    (b,M,f,H)         is      a   set      of 
information   structure     in   Multics   *  Bef.    2].  The.  following 

correspondences    have   been   identified: 

b  -    Segment   Descriptor   Words    (SDW) 

M   -    Access  Control   List     (ACL) 

f  -   Information  in   directory    segments    and 

special    process    security    taoles 
H   -    Branches 


ETC. 


USER  IDENTIFICATION 

MODE  OF  ACCESS  (R,E,W,A) 

RING  BRACKET  (r  ,  r   .  . 

) 

USER  IDENTIFICATION 

MODE  ACCESS 

RING  BRACKET 

— — 

Figure   4.4        Data  Structure   of   an   ACL   for   an   Individual  Branch. 
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An  element  (Si,  Oj,  x)  in  b  indicates  that  subject 
Si   has  current    access  to   object   Oj   in    access   mode    x. 

In  SDW  is  a  field  which  indicates  access  permission 
(write,    read,    execute,   or  append) 

An  entry  in  H  such  as  {  r,w  }  indicates  that  subject 
Si  has  read  and  write  permission  with  respect  to  object  Oj, 
if   Oj   is   a    data      segment. 

As  example  of  the  data  structure  of  an  access- 
control   list  for   an    individual   branch    is   shewn   in    Figure   4.4, 


0. 

1 

\ 

BRANCH 

BRANCH 

J 

[    O.     1 

°k 

• 

1 

DATA                         D 
SEGMENT                      S 

I RECTORY 
EGMENT 

Figure    4.5        Baltics  Hierarchiy    Equivalen- 
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3«      Retrieving    File-branch   Information 

The  hierarchy  H  of  the  iodel  is  structured  to 
reflect  the  tree  structure  among  segments  realized  by 
branches  in  Baltics.  If  Oi  and  Oj  are  objects  in  the  model 
and  H  (Oi)  inclides  Oj,  then  Oi  is  tae  parent  of  Oj.  Figure 
4.5    shows   this    situation. 


^user-directory-directory^ 


{userl-director^  ^user2-director$Aiser3-directory\      ^user4-directory^  \ 


V       I 


Figure  4.6        Chain   of   Links. 

When  directory  control  is  supplied  a  path  name  for 
the  purpose  of  retrieving  corresponding  file-branch  informa- 
tion, the  desired  directory  entry  is  retrieved  by  link  or 
branch.  If  it  is  a  branch,  the  target  has  been  reached,  and 
if  it  is  a  link  the  path  name  found  in  a  link  is  then 
employed  for  a  repetition  of  the  retrievel  process.  It  is 
possible  that   a    chain  of   links   evetually   leads   to    a    branch. 
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Figure  4. 6  shows  hew  user4  grants  permission  to 
user3,  and  aser3  grants  permission  to  user2  to  use  their' 
routines.  If  user2  and  nser3  appear  in  the  access  control 
list  for  <b>  in  aser4»s  user  directory,  then  user2  may  use 
"d"  as  a  symbolic  reference  and  user3  may  use  "c"  as  a 
symbolic  reference  to  the  segment  whose  branch  entry  is 
named   " b" . 
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V.    IMPLEMENTATION   OF    HULTICS    II    DATABASE    SECORITX 

The  tasic  security  model  including  data  security  in 
Multics  has  been  discussed  in  the  previous  chapter.  Before 
we  further  discuss  the  implementation  of  database  security 
we      will     take      some      assumptions      as      followed:  Firstly, 

although  the  Multics  system  was  developed  and  applied  to 
operating  systems  for  Honeywell  conputers,  we  will  assume 
that    it    can   also   be    used   by    o*1- her   CDmputers    in  general. 

Secondly,  we  assume  that  users  in  the  Indonesian  Navy 
database  system  are  limited  tc  five  assistants  for  Chief  of 
Staff   of   the  Indonesian   Navy,    namely: 

1.  Assistant  for  Security 

2.  Assistant  for  Operations 

3.  Assistant  for  Personnel 

4.  Assistant  for  Logistics 

5.  Assistant  for  Planning 

The  second  assumption  is  needed  because  there  are  some 
offices  supervised  by  the  Assistants  which  currently  deal 
with    the    personnel    database    system. 

The  description  of  a  directory  has  been  discussed  in 
Chapter  IV,  therefore  we  will  not  discuss  how  to  find  a 
segment   in   this    chapter. 

The  personnel  database  in  the  Indonesian  Navy  is  divided 
into  17  segments.  The  method  propssed  here  adds  2  segments 
which  are: 

Segment  400,  which  is  followed  by  elements  number 
401-403,  is  divided  into  two,  namely  segment  400  which  is 
followed  by  elements  number  401  and  segment  500  which  is 
followed  by  elements  number  50  1.  Tais  change  is  needed  since 
element's      owners  are  different. 


38 


For  the  same  reason,  segment  500  which  is  followed  by 
elements  501-502,  is  divided  into  two  segments,  namely 
segment  600  followed  by  elements  number  601-607  and  segment 
700    followed  by    elements   number   701-705. 

All    changes    are    shown   in   the    table   in    Appendix    C. 

We  can  summarize  to  this  point  that  the  personnel  data- 
base is  now  divided  into  19  segments  and  there  are  5  users, 
which  follow  the  sequence  of  assistant  staffs.  It  has  been 
determined  who  owns  each  segment,  and  each  owner  has  the 
authority  to  update    the   contents   of    his    segment  (s). 

To  implemsnt  the  new  security  method  mentioned  above,  it 
is  necessary  to  set  up  a  table  containing  all  segments  and 
their   relation    to   each  user.  Th2    table   tells    what    segment 

belongs  to  whom  and  what  kind  of  aroesses  are  authorized  to 
other  users.  In  this  case  the  D3A  (Database  Administrator) 
can    arrange    the    table  in   the   proper    order. 


TABLE    I 
Access   Table 


ELM         DATA-NAHETYPE    OF    ACCESS 
#  S1  S2  53  S4  S5 


100         MAINID  R  R  BWAD 


200         CHARACT  R  R»AD 


300  MARR  RWAD 
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4  00    ADDR         R  RWAD 


500    ADDRSTA  R        RW AD 


60  0    BODYCHAR  RHAD 


700    PERSIZ  R        RWAD 


300    CATEG        R        S        BWAO     R 


900    RANK         R        R        RWAD     R 


1000  PROFESS  R  R  SHAD 


1100  EDOC  R  R  RWAD 


1200  SUEJ  R  R  RWAD 


1300  FAM  R  RHAD 


1400  FACT  R  RWAD 


1500  FEDtJC  RHAD 


1600  PAYROLL  RHAD 


1700  SEC  RWAD 
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1800  WHOINV 


RWAD 


1900 


9EAS 


RWAD 


R 

-  read 

w 

-  write 

A 

-   append 

D 

-   delete 

Security  is    divided   into   u    levels    : 

1 .  Top  secret 

2.  Secret 

3.  Confidant ial,  and 

4.  Unclassified 

Segment  nimbers  1700,  1800,  and  1900  are  in  the  classi- 
fied levels  and  the  ether  segments  classifications  will  be 
determined  in  the  future,  depending  on  the  needs  of  the 
Navy . 
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VI.     CONCLUSIONS    AND    RECDHHSNDATIONS 

It  is  justified  here  to  draw  some  conclusions  and  make 
recommendations  concerning  the  importance  of  personnel  data- 
base   security  in   the    Indonesian   Navy. 

The  conclusions   can  be   describe!    as    follows: 

1.  Database  security  is  very  important  to  any  database 
system,    especially   in   the    military. 

2.  The  Muitics  system  provides  basic  concepts  to  achieve 
a   sound    database   security    system. 

3.  The  Indonesian  Navy  personnel  database  security  can 
be  improved  by  applying  such  concepts  as  the  one 
described   in    this    thesis. 

In  order  to  implement  this  security  model  in  the 
Indonesian  Navy  database  personnel  system,  it  is  recommended 
to: 

1.  Assign  security  personnel  under  the  DBA  who  will  be 
responsible  for  the  security  of  the  existing  data- 
base. 

2.  Conduct  further  research  to  explore  possible  enhance- 
ments to  the  physical  design  related  in  this 
proposal. 
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APPENDIX    A 
DATABASE   PEESOHNEL    TABLES 


Each  of  these  tables  contains  two  elements:  cod^  and 
description.  Example:  "  1  Male  "  indicates  cede  number  1  is 
Male. 

1.       PERSONAL    STATUS: 


03   Titular 


A.  Military 

01  Volunteer 

02  Obliged 

B.  Civilian 

11  Daily_laborar 

12  Monthly_laborer 

13  Monthly_labcrer   organic 

V4  Temporary   3o  vernment^sf  f  icial 

15  Pre_Governraent_cf f icial 

16  Civilian_Governmen-_3f ficial 

17  Civilian_Military_Titiilar   Goverrment_cff icial 


2.       PERSONAL    CATEGORY: 

0  Not    clear 

1  Active   organic 

2  In  charge 

3  In   assistance 

4  In  direction 


3.       SEX: 


1    Male 


4.       MARITAL    STATUS 


5  Waiting   for    placement 

5  Waiting   for    direction 

7  Pre_retired 

3  Money    waiting    (tJT) 

9  Retirad 


2    Female 


1    Married 


2    No*    married 
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5.  CHILDREN    ALLOWANCE    STATUS: 

1    Claimed    by  him/  2    Claimed    by   spouse 

herself 

6.  HOUSING    STATUS: 

1  Government-quarters  4  Private/owned 

2  Mess  5  Rented 

3  Ship  5  Contract/leased 
7  With  relations 

7.  BLOOD    TYPE: 

1  A  H    3 

2  B  3    X 

3  AB 

8.  COLOR   3F    SKIN: 

1  White  4    Yellow-brown 

2  Yellow  5    Brown 

3  Black 

9.  HAIR: 

1  Sraight-lank  3    Straight- stiff 

2  Curly  4    Wavy 

10.  COLOR  OF    EYES  : 

1  Black  3    Brown 

2  Blue  if    Sreen 

11.  SIZE    OP    PANTS/SHIRT: 

1  Small  3    Large 

2  Medium 

12.  RELIGION: 

1    Moslem  4    Hindu 
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2  Catholic 

3  Protestant 

13.  STATUS   OF    RANK: 

1  Effective 

2  Temporary 

3  In   education 

14.  TYPE    OF    PROMOTION: 

1  Regular 

2  Extraordinary 

15.  STATUS    OF    PLACEMENT: 

0  Organic 

1  Labor    (non  organic) 

2  In   charge    (detached 

from    parent  command) 

16.  RESULT   OF    EDUCATION: 

1  Graduated 

2  Not    graduated 

17.  FAMILY    RELATION: 

0  S  po  u  s  e 

1  Child   number    1 

2  Child   number    2 

3  Child   number    3 

4  Child   number    4 

18.  RANK: 

A.    Military: 

99  Third  Sailor 
93  Second  Sailor 
97  First  Sailor 
95  Second  Corporal 


5  Budhist 


4  Military   obligated 

5  Military   titular 


3  Honor    (meritorious) 

4  Honour-grace     (post. humous) 


3  In   assistance    (temporary 
additional   duty) 

4  In    direction    (independen- 
duty) 


3    Incomplete  • 


5  Chili    number  5 

5  Child    number  6 

7  Child    number  7 

3  Child    number  8 

9  Child    number  9 
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95  First   Corporal 

83  Second  Sergeant 
87  First    Sergeant 
86  Head    Sergeant 
85  Sargeant    Major 

84  Sacond  Assistant  Lisatanant 
83  First    Assistant   Lieutenant 
82  Candidata   Officer 

78  Second  Lieutenant 

77  First    Lieutenant 

75  Captain 

68  Major 

67  Liautanani   Colonel 

65  Colonel 

58  First    Admiral    (Commoiore) /Brigadier    General 

57  Rear    Admiral/Major   General 

55  Vice    Admiral/Li euteiant   General 

55  Admiral/General 

B  Civilian 

48  Group  I/A  27  Group  III/B 

47  Group  I/B  26  Group  III/C 

46  Group  I/C  25  Group  III/D 

45  Group  I/D  18  Group  IV/\ 

38  Group  IT/A  17  Group  IV/B 

37  Group  II/3  16  Group  IV/C 

36  Group  II/C  15  Group  IV /D 

35  Group  II/D  14  Group  IV/E 

28  Group  III/A 

19.  CORPS: 

A.  Military 

130  Sailor/Deck  (for  officer  only) 
16  1  Deck 
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162  Torpedo 

163  Weapon 

164  Constable 
15  5  Signal 
166  Telegram 

157  Under-Water    Weaponry 

200  Technician/Engineer    (for    officer    only) 

25  1  Mechanist 

26  2  Construction 

263  Ship   Construction 

26U  Airplane    Maintenance 

300  Electronics    (for   officer   only) 

35  1  Radio 

362  Radio-Radar    Mechanic 

363  Electro-Ma  chine   Meoaanic 
354  Electrician 

365  Sub-Weapon    Electrician 

356  Electro   Mechanic 

36  7  Weapon  Electro   Mechanic 
36  8  Electronica 

400  Marine    (for    officer    only) 

461  Infantry 

45  2  Amphibious 

463  Field  Artillery 

454  Air    Defence    Artillery 

46  5  Tank 

46  6  Pans  am    (Amphibious    Tanic) 

467  Transportation 

458  Zipur    (Defense   Construction) 

459  Communication-Electronica 

470  Nurse 

471  Field  Support 

500  Administration  (for  Dfficer  only) 
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561  Writer/Typist 

55  2  Finance 

55  3  Support 

564  Family  bussiness 

565  Cook-1 

56  6  Cook 
56  7  Tailor 

630  Health    (for    officer    only) 

651  Nurse 

652  Radiologist 
66  3  Analyst 

664  Dental  Technician 

66  5  Chemist 

666  Assistant   Chemist 

730  Specialist     (for   offioer    only) 

761  Judicature 

762  Intelligence 
75  3  Transportation 
75  4  Carpenter 

755  Physical    Fitness 

75  6  Musician 
757  Photography 

76  8  Cinematography 
759  Miscellaneous 

800  Woman    (for    officer   only) 

86  1  Communication 

86  2  Writer/Typist 

863  Finance 

864  Information 

865  Physical    Fitness 

866  Nurse 

857  Nav-Informa tion   Defaces 

858  Air    Traffic   Controller 
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930  Clergy    (for    officer   only) 

B.    Civilian: 

000  Administration 

03 1  General   Administration 

002  Finance    Administration 
033  Labor   Administration 
004  Support   Administration 
035  Nursing    Administration 
006  technical   Administra cion 

03  7  Typist 

008  Stencil   Mechanic 

03  9  Nursing   Staff 

010  Statistic   Administration 

011  Law    Administration 

012  Library   Administration 

013  Transportation    Admiaistration 

014  Housing   Administration 

015  Post    Administration 

016  Miscellaneous   Administration 

017  Technician 

018  Ship   Technician 

019  Engine/Machine   Technician 

020  Electro   Technician 

021  Construction   Technician 

022  Carpenter 

023  Welding   Technician 

024  Telephone-telegraph    Technician 

025  Radio  Technician 

026  Mechanic/Driver 

027  Laborer 

028  Photographer 

029  Film    Operator 
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030  Hetal  Technician 

031  Painter 

032  Weapon  Technician 

033  Fire   Safety    Inpector 

034  Constructor 

035  General   Controller 

036  Shipyard    Worker 

037  Pump   Technician 

038  Railroad   Technician 

039  Meteorological   Technician 

040  Miscellaneous 

04  1  Nurse 

042  Dental  Nurse 

043  General   Nursing 
04  4  Midwife 

04  5  Pharmacy 

046  Physicthera phy 

047  Radiology 

04  8  Pediatric  Nur.se 

049  General    Medical 

050  Opthalmologist 

051  Throat-noee-ear   Physician 

052  Neurologist 

053  Dermatologist 

054  Dietitian 

055  Miscellaneous 

05  6  Specialist 

057  Teacher/Instructor 

05  8  Messenger 

059  Cook 

060  Gardener 

05  1  Shoemaker 

06  2  Tailor 
05  3  Barber 
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06 4  Janitor 

065  Fores-tar 

066  Sketcher 
057  Security 
068    Lifeguard 

06  9    Parking   Master 
070    Fire    Brigade 

07  1    Physical    Fitness 
07  2    Artist 

073  Clergy 

074  Laundry 

075  Ocean  Tide 

076  Petr o-chemical   Technician 

077  Geography 

078  Miscellaneous 

20.    GRO0P   CODE    OF    EDUCATION: 

000  General    Development 

001  Sationa'i  Defense 

002  Joint    Command    S   Staff   College 

003  Command    S  Staff  College    Level 

004  2nd   Officer    Continuing   Education    Level 

005  1st   Officer   Continuing    Education    Level 
011  UCO   Continuing    Education    Level 

100  Formation 

101  Military  Academy  Level 

102  Fundamental  Officer  Education  Level 

103  Candidate  Officer  Education  Level 

111  Candidate  NCO  Education  Level 

112  Candidate  Corporal  Education  Level 

113  Candidate  Enlisted  Education  Level 

200  Labor 

201  Labor    Education   Level 
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300  3en eral    Education 

301  University   Level 

302  Academy    Level 

303  Senior    High   School  Level 

304  Junior    High   School   Level 

305  Elementary   School   Lsvsl     (graduate) 

306  Elementary   school   level    (not   graduate) 

400  Specialist    Military    Education 

401  Specialist 

402  Officer  Specialist 

403  NCO  Specialist 

404  Enlisted  Specialist 

405  civilian  Specialist 

500  General    Course 
21.    ECHELON    OF    PROFESSION: 


11  Echelon  1-A 

12-  Echelon  1-B 

13  Echelon  1-C 

14  Echelon  1-D 

15  Echelon  1-E 

16  Echelon  1-F 

17  Echelon  1-G 

18  Echelon  1-H 

21  Echelon  2-A 

22  Echelon  2-B 


23  Echelon  2-C 

24  Echelon  2-D 

25  Echelon  2-E 
23  Echelon  2-F 

31  Echelon  3-1 

32  Echelon  3-B 

33  Echelon  3-C 

34  Echelon  3-D 

35  Echelon  3-E 
43  Functional 


22.  STATION: 

Not  include   here   for   security   reasons. 

23.  VIOLATION: 


1  Discipline 

2  Lav 


3    Negative    lata 
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24.    WHAT: 

This        table  will        be        corapla-ed        later  by        an 

Itelligence/Security   officer,    since    tha    author   does   not    have 
data    at    this  time. 


53 


APPENDIX    B 
DATABASE    DICTI3BARY 

This  data  dictionary  contains  descriptions  of  the 
Personnel  Data  Base  segments  (data  elements  groups)  and 
their   data   elements.    There    are   six   columns    in    the    table: 

1.  Element      Number    (ELM      #)  .         The    data      element/segment 

number  contains  four  digits.  The  first  two  digits  is 
the  segment  number,  beginning  from  the  root  and 
increasing  by  one  (leading  zeroes  suppressed) ,  and 
another  two  digits  for  the  data  element  number  in  the 
segment    beginning    from   one   ana   increasing    by   one. 

2.  Data  Element  (DATA_ ELEMENT)  .  This  column  contains 
data  element/segment  name  as  it  is  known  to  the 
users. 

3.  Data  Name  (DATA_NAME).  This  column  contains  the 
unique  name  for  data  element /segment  which  is  to  be 
used  by  programmer/user  when  retrieving  data  from  the 
Database. 

4.  Type  (TYPE).  This  column  contains  the  data  element's 
type  where  N  means  Numeric  and  AN  means 
Alpha-Numeric. 

5.  Number  of  Character  (  OF  CHAR).  This  column  cotains 
number  of  characters  in  the  record  field  of  the  data 
element /segment. 

6.  Description  (DESCRIPTION).  This  column  contains  the 
description  of  the  data  elsment/segment .  Described 
are  the  data  element/segment,  relationships  (depen- 
dent,  root,    etc.),    key    record/segment,    administrative 
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control,  usage,  and  identifications.  This  description 
helps  the  programmer/  user  tn  find  ths  path  tc  desire 
data  elements/segments  in  the  database. 
The  abbreviations  used  in  the  data  dictionary  tabla  are: 
DB  for  Database,   segm  for  segmen,    lev  for  level,   tbl  for 
table.   YYMMDD  for  Year  (two  digits}  ,  Month  (two  digits)  and 
Date  (two  digits),  occur  for  occurrence,   dependt  fcr  depen- 
dent. Kg  for  Kilogram,  and  Cm  for  Centimeter. 


ELM     DATA-ELEMENT        DATA-     TY-   #OF   DESCRIPTION 
#  NAME      PE    CHAR 

100  Main  identification   MAINID        76   Root  segm  DB 

lev  1f  segm  1, 
one  occur 

101  Personal  Serial      SERNOM  N  9  Record  key 
Number  (Main  Key) 

102  Name                 NAME  AN  26  Name,  title 

103  Corps                CORPS  N  3  See  corps  tbl 

(19) 

104  Sex  SEX       N    1    See  sex  tbl  (3) 

105  Birth  date  DMBIRTH    N     6    YYMMDD 

106  Birth  place  PMBIRTH    AN   15    Town  (city) 

107  Religion  RELIGION   N     1    See  religion 

tbl  (12) 

108  Tribe  TRIBE      AN   15 

200   Personal  CHARACT  Dependt  segm  of 

root,  lev  1 , 
segm  2,  one 

occur 
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— 4.-. 
MARR 


300   Marriage 


301   Marital  status 


302   Date  of  status 


MARST 


MARDT 


Dependt  seam  of 
CHARACT,  lev  3r 
segm  3,  repeated 

See  marital 
status  tbl  (4) 
segm  key 
YYMMDD 


400   Address 


401  Address 

402  Housing  status 


403   Date  of  status 


ADDR 


ADDRSSS 
HOUSE 


33 


AN   2  6 


HOOSDT     N 


Dependt  segm  of 
CHARACT,  lev  3, 
segm  4,  repeated 

See  housing 
status  tbl  (6) 
segm  key 
YYMMDD 


500   Body  characteristic  BODYCHAR 


501  Height 

502  Height 

503  Blood  type 


504  Color  of  skin 

505  Hair 

506  Color  of  eyes 


18    Dependt  segm  of 
3HARACT,  lev  3, 
segm  5,  one 
occur 

WEIGHT  N  3  In  Kg 
HEIGHT  N  3  la  Cm 
BLOOD     8     1    See  blood  type 

tbl  (7) ,  segm 

key 
SKIN      N     1    See  color  of 

skin  tbl  (8) 
HAIR      N     1    See  hair  tbl 

(9) 
EYES       N     1    See  color  of 
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507  Size  of  shoes 

508  Size  of  hat 

509  Size  of  pants 

510  Size  of  shirt 

51 1  Size  of  chest 


ayes  tbl  (10) 
SHOES      N     2 
HAT        N     2 
PANTS      N     1    Sae  pant  shirr 

tbl  (11) 
SHIRT     N     1    See  pant  shirt 

tbl  (11) 
CHEST      N     2    - 


600      Category    and   status      CATEG 


601  Original  personal 
status 

602  Date  of  original 
personal  status 

603  Current  personal 
status 

604  Date  of  current 
personal  status 

605  Personal  category 


606  Date  of  personal 
category 

607  Active  iuty 
obligatsd  time 
(Active  service 
duty  began) 


ORPERST    N 


ORPSRDT    N 


CRPERST    N 


CRPERDT    N 


CAT  EGO  R!f   N 


DTGORY 


DTACT 


29   Dependt  segra  of 
CHARACT,  1=V  3, 
segm  6,  one 
occur 

2   See  personal 

status  tbl  (1) 
6    IYMMDD 

2   See  personal 
status  tbl  (1) 
sagm  key 

6    YYMMDD 

1  See  personal 
category  tbl 
(2) 

6    TTMMDD 

6    IYMMDD 


700   Rank 


RANK 


39    Dependt  segm  of 
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root,  lev  2, 
segm-  3,  repeated 


701  Rank/Group 

702  Status  of  rank 

703  Date  cf  rank 

704  Number  of  decision 
letter 


705  Date  of  decision 
letter 

706  Who  gave  the 

decision  letter 

707  Type  of  promotion 


SANKG 

N 

2 

See  rank  tbl 
(18),  segm  key 

STRANK 

N 

1 

See  status  of 
rank  tbl  (13) 

DTRANK 

N 

6 

YYMMDD 

NBDECLEr 

AN 

8 

Format:  NNNNMMYY 
NNNN   :  Number 
MM     :  Month 
YY     :  Year 

DTDECLET 

N 

6 

YYMMDD 

GVDECLEr 

AN 

15 

Official 
functionary 

TPPROM 

N 

1 

See  type  of 
promotion  zbl 

(14) 

800   Profession 


801  Name  of  profession 

802  Number  Df  decision 


803  Date  of  decision 
letter 

804  Number  of 

professional 
warrant 


PROFESS 


71    Dependt  segm  of 
root,  lev  2, 
segm  4,  repeated 


NMPROF 

AN 

15 

- 

NBDECP 

AN 

8 

Format 
NNNN 
MM 
YY 

:  NNNNMMYY 
:  Number 
:  M  on  th 
:  Year 

DTPROF 

N 

6 

NNNNNN 

-YYMMDD 

NEWARP 

AN 

8 

Format 
NNNN 
MM 
YY 

:  NNNNMMYY 
:  Number 
:  Month 
:  Year 
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805  Date  of  warrant 

806  Echelon  of 
profession 

807  Station 

808  Reporting  date 

809  Status  of 
placement 

810  Date  of  placement 


DTWARP 

N 

6 

NNNNNN-YYMMDD 

ECHELON 

U 

2 

See  echelon 
tbl  (21) 

STATION 

N 

3 

See  station  tbl 
(22) 

DTSTAT 

8 

6 

YYMMDD 

STPLACE 

N 

1 

See  status  of 
placement  tbl 
(15) 

DTPLACE 

N 

6 

YYMMDD 

900   Education 


EDOC 


901      Group   code   of 
education 


9  02      Education 

Institute's  Name 

903  Start  date 

904  Completion  date 

905  Station 

906  Town  (city) 

907  Result  Df 
education 

908  Class  standing 

909  Class  size 


EDUCCD 


73        Dependt    segm   of 
r:o:,    lev   2, 
segm    9,    rspeated 

3        S=9    group  code 
of   education 
tbl    (20)  ,    segm 
key 


EDO CM M 

AN 

15 

• 

EDUCSD 

N 

6 

YYMMDD 

EDUCCM 

N 

6 

YYMMDD 

EDSTAT 

N 

3 

See  station 
tbl  (22) 

EDTOWN 

AN 

15 

- 

RESULT 

N 

1 

393  result  of 
education  tbl 
(16) 

CSTAND 

N 

3 

- 

CSIZE 

N 

3 

- 

1000      Subject 


SUBJ 


18    Dependt  segm  of 
EDQC,  lev  3, 
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1001  Subject  name 

1002  Grade 


=  e  g  D>  10, 

repeated 

SUBJECT 

AN 

15 

Segm  key 

GRADE 

AS 

3 

Can  be  numeric 
or  alphabetic 

1100   Family 


1101  Family  name 

1102  Family  relation 


1103  Sex 

1104  Birth   date 

1104  Birth    place 

1105  Religion 

1107  Address 


FAK 


FNAJiE 
FREL 


FSEX 
FDBIRTH 
FPBIRTH 
FPRELIGI 

FADDR 


76        Dependt    segm  of 
coot,    lev   2, 

segm    6,    repeated 


AN 

26 

Same,  title 

N 

1 

See  family 
relation  tbl 
( 17)  ,  segm  key 

N 

1 

See  sex  tbl  (3) 

N 

6 

YYMMDD 

AN 

15 

Town  (city) 

N 

1 

See  religion 
tbl  (12) 

AN       26 


1200      Activity 


1201  Name  of  activity 

1202  Place  of  activity 

1203  Start  date 

1204  Completion  date 


FACT 

48 

Dependt  segm  of 
F&a,  lev  3, 

repeated 

FN  ACT 

AN 

26 

Segm  key 

FPACT 

AN 

15 

Town  (city) 

FSACT 

N 

6 

YYHHDD 

FCACT 

N 

6 

JYHMDD 

1300   Family  education 


FEDUC 


16    Dependt  segm  of 
FAH,  lev  3, 
segm  13, 

reoeated 
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1301  Education  FEDNACT         AN       15 
Institute's  Name 

1302  Group    cods    of  FCDACT  N  3         Sss    group    cods 
education  of   education 

tbl     (20)  ,    segm 
fcey 

1303  Result   of  FEDRES  N  1         Ses    result   of 
education  education   tbl 

(16) 


1400   Payroll  PAYROLL 
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Dependt  segm 
root,  lev  2, 
segm  14,  one 
occurr 

of 

N 

6 

YYMMDD 

N 

2 

See  rank  tbl 
(18) 

N 

3 

In  Month 

N 

1 

- 

1401  Date  cf  begining     DBPAY 
payroll 

1402  Rank  in  payroll      RKPAY 

1403  Payroll  period       PERPAY 

1404  Number  of  children    CHFAM 
authorized  family 
allowence 

1405  Status  of  children    STCHFAM    N     1    See  children 
authorized  family  allowance 
allowence  status  tbl  (5) 

1406  Main  saLary  MAINSAL    N    6    In  Pupiah 

1407  Wife's  family        WFALL      N     5    In  Rupiah 
allowance 

1408  Children  family      CHALL      N     5    In  Rupiah 
allowance 

1409  Other  family         OTALL      N     5    In  Rupiah 
allowance 

1410  Obligated  reduction   OBRED     N    5    In  Rupiah 
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1411  Rice  reduction 

1412  Other   reduction 

1413  Total   salary 

1414  Unit  of  payroll 


RCRED 

N 

5 

In  Rupiah 

OTRBD 

N 

5 

In  Rupiah 

T0T3AL 

N 

6 

In  Rupiah 

ONPAY 

N 

4 

S?s  station 
tbl  (22)  ,  segm 
key 

1500      Security 


1501      Violation/Infringe 


1502  What 

1503  Where 

1504  When 

1505  Why 


SEC 


35        Dependt    segm  of 
root,    lev   2r 
segm    15f 

repeated 


1506      How 


VTYPE 

N 

1 

See  violation/ 
infringe  type 
tbl  (23)  ,  segm 

key 

WHAT 

N 

3 

See  what  tbl 
(24) 

WHERE 

AN 

15 

Town  (city) 

WHEN 

N 

6 

JYHMDD 

WHY 

N 

5 

This  reason 
description  is 
stored  in  other 
file  with  key 
number  here 
(N  5) 

HOW 

N 

5 

Same  as  150  5 

1600      Who   involved 


1601  Name   involved 

1602  Personal 


WHOINV 

50 

Dependt  segm  of 
SEC,  lev  3, 
segm  16, 
repeated 

INVNAME 

AN 

26 

Segm  key 

PERSID 

AN 

9 

Personal  serial 
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identification 


1603   Profession 


PROFINV 


AN       15 


p. amber   or   oth^r 
valid   identi- 
fication 


1700      Measures 


1701  Type   of  action 

1702  Start    dare 

1703  Completion   date 


HEAS 


27        Dependt    seg m  of 
SEC,    lev    3,    segm 
15,    repeated 


NMEAS 

AN 

15 

Segm  key 

SMEAS 

N 

6 

JYMMDD 

CMEAS 

N 

6 

YYMMDD 
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APPENDIX    C 
NEW   DATABASE    DICHONARY 

This   data   dictionary   contains   inscriptions   of   the   Personnel 
Data    Base      segments     (data   elements      groups)       and      their    data 
elements.  rhere        are        six        columns        in        the        table: 

(See    Appendix  B    for   abbreviations) 


ELS  DATA-ELEMENT  DATA-  TY-       #OF      DESCRIPTION 

t  NAME  PE         CHAR 

100  Main   identification      MAINID  76        Root    segm   DB 

lev    1,    seam    1, 
one    occur 

101  Personal    Serial 
Number 

102  Name 

103  Corps 

104  Sex 

105  Birth   date 

106  Birth    place 

107  Religion  RELIGION      N  1         See    religion 

fcbl    (12) 

108  Tribe  TRIBE      AN   15 

200   Personal  CHARACT  Dependt  segm  o: 

root,  lev  1 , 
segm  2,    one 
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SERN03 

N 

9 

Record  key 
(Main  Key) 

NAME 

AN 

26 

Name,  title 

CORPS 

N 

3 

See  corps  t  bl 
(19) 

SEX 

N 

1 

See  sex  tbl  (3) 

DMBIRTH 

N 

6 

YYMMDD 

PMBIRTH 

AN 

15 

Town  (ci-y) 

occur 


300      Marriage 


MARR 


301      Marital  status 


302      Date   of   status 


MARST 


MARDT 


7    Dependt  segm  of 
CHARACT,  lev  3, 

39am  3,  repeated 

N    1    See  marital 

status  tbl  (4) 
segm  key 

N     6    YYMMDD 


400   Address 


401   Address 


ADDR 


26  Dependt  segm  of 
CHARACT,  lav  3, 
s^gm  4,  repeated 


ADDRESS    AN   26 


500   Address  status 


501   Housing  status 


502   Date  of  status 


ADDRSTA 


HOUSE 


HOUSDT 


Dependt  segm  of 
ADDR,  lev  4, 
segm  5r  repeated 

See  housing 
e  tat  us  tbl  (6) 
segm  key 
YYMMDD 


600   Body  characteristic  BODYCHAR 


601  Weight 

602  Height 

603  Blood  type 


10    Dependt  segm  of 
CHARACT,  lev  3, 
segm  6,  one 
occur 


WEIGHT 

N 

3 

In  Kg 

HEIGHT 

N 

3 

In  Cm 

BLOOD 

N 

1 

See  blood  typ 
tbl  (7)  ,  segm 
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604   Color  of  skin 


605   Hair 


606   Color  of  eyes 


700   Personal  size 


701  Size  of  shoes 

702  Size  of  hat 

703  Size  of  pants 

704  Size  of  shirt 

705  Size  of  chest 


key 

SKIN      N     1    See  color  of 

skin  tbl  (8) 

HAIR       N     1    5r?  hair  tbl 

(9) 

EYES       N     1    See  color  of 

ayes  tbl  (10) 


PERSIZ 


8    Dependt  segm  of 
S3DYCHAR,  level 
4,  segm  7,  on a 
occur 


SHOES 

N 

2 

- 

HAT 

N 

2 

- 

PANTS 

N 

1 

See 
tbl 

pant  shirt 
(11) 

SHIRT 

N 

1 

See 
tbl 

pant,  shirt 
(11) 

CHEST 


N 


800   Category  and  status   CATEG 


801  Original  personal    ORPERST    N 
status 

802  Date  of  original     ORPERDT    N 
personal  status 

803  Current  personal 
status 


804      Date   of  current 
personal    status 


CRPERST    N 


CRPERDT    N 


29    Dependt  segm  of 
CHARACT,  lev  3, 
segm  3  ,  o  ne 
occur 

2   See  personal 

status  tbl  (1) 
6    YYMMDD 

2   See  personal 
status  tbl  (1) 
eegra  key 

6    YYMMDD 
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805  Personal  category    CATEGORY   N    1   See  personal 

category  tbl 
(2) 

806  Date  of  personal     DTGORY    N     6    YYMMDD 
category 

807  Active  iuty  DTACT      N     6    YYMMDD 
obligated  time 

(Active  service 
duty  began) 


900   Rank 


RANK 


901  Rank/Group 

902  Status  of  rank 
90  3   Date  of  rank 


RANKG 


N 


STRANK     N 


DTRANK 


39    Dspendt  seg m  of 
:::t,  lev  2, 
segm  9,  repeated 

2   See  rank  tbl 
(18) ,  segm  key 

1    See  status  of 
rank  tbl  (13) 

6    YYMMDD 


904   Number  of    decision    NBDECLET   AN    8    Format:  NNNNMMYY 


letter 


905  Date  of  decision 
letter 

906  Who  gave  the 
decision  letter 

907  Type  of  promotion 


DTDECLET       N 


NNNN      :  Number 

MM  :  aonth 

YY  :  Year 

YYMMDD 


GVDECLET       AN       15         Official 

functionary 

TPPROM  N  1         See    type    of 

promotion  tbl 
(MX) 


1000      Profession 


PROFESS 


71    Dependt  seqm  of 
root,  lev  2, 
segm  10, 
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1001  Name  of  profession 

1002  Number  of  decision 


1003  Date  of  decision 
letter 

1004  Number  of 
professional 

warrant 

1005  Date  cf  warrant 

1006  Echelon  of 
profession 

1007  Station 

1008  Reporting  date 

1009  Status  of 
placement 

1010  Date  of  placement 


repeated 

NMFROF 

AN 

15 

- 

NBDECP 

AN 

8 

Format:    NNNNMMYY 
NNNN       :    Number 
MM           :    Month 
YY           :    Year 

DTFROF 


NNNNNN-YYMMDD 


NE-WARP 

AN 

8 

FDrmat:    NNNNMMYY 
NNNN       :    Number 
MM           :    Month 
YY           :    Year 

DTWARP 

N 

6 

NNNNNN-YYMMDD 

ECHELON 

N 

2 

See    echelon 
tbl    (21) 

STATION 

N 

3 

See    station   tbl 
(22) 

DTSTAT 

N 

6 

YYMMDD 

STPLACE 

N 

1 

See    status   of 
placement   tbl 
(15) 

DTPLACE 

N 

6 

YYMMDD 

1100      Education 


1101      Group   code   of 
education 


1102      Sduca-ion 

Institute's   Name 


EDUC 


EDUCCD 


EDOCNM 


73 


AN       15 


Dependt    segm  of 
root,    lev   2, 
segm    1 1, 

repeated 

See  group  code 
of  education 
tbl  (20)  ,  segm 
key 


63 


1103  Start    date 

1104  Completion   date 

1105  Station 

1106  Town    (city) 

1107  Result  of 
education 

1108  Class  standing 

1109  Class  size 


EDUCSD 

N 

6 

YYMMDD 

EDUCCM 

N 

6 

YYMMDD 

EDSTAT 

N 

3 

See  ststion 
tbl  (22) 

EDTOWN 

AN 

15 

- 

RESULT 

N 

1 

See  result  of 
education  tbl 
(16) 

CSTAND 

N 

3 

- 

CSIZS 

N 

3 

- 

1200   Subject 


1201  Subject  name 

1202  Grade 


SUBJ 


18        Dependt    segm  of 
EDUC,    lev    3, 
eegm    12, 
repeated 


SUBJECT 

AN 

15 

Segm  key 

GRADE 

AN 

3 

Can  be  numeric 
or  alphabetic 

1300      Family 


1301  Family  name 

1302  Family  relation 


1303  Sex 

1304  Birth  date 

1304  Birth  place 

1305  Religion 

1307  Address 


FAM 


76    Dependt  seg ra  of 
root,  lev  2, 
segm  13, 
repeated 


FNAME 

AN 

26 

Name,  title 

FREL 

N 

1 

See  family 
relation  tbl 
(17),  segm  key 

FSEX 

N 

1 

See  sex  tbl  (3) 

FDBIRTH 

N 

6 

YYMMDD 

FPBIRTH 

AN 

15 

Town  (city) 

FPRELIGI 

N 

1 

5ee  religion 
tbl  (12) 

FADDR 

AN 

26 

- 
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1400   Activity 


1401  Name  of  activity 

1402  Place  of  activity 

1403  Start  data 

1404  Completion  date 


FACT 

48 

Depend*  segm  of 
FAM,  lev  3, 
segm  14 
repeated 

FNACT 

AN 

26 

Segm  key 

FPACT 

AN 

15 

Towr.  (city) 

FSACT 

N 

6 

IYHHDD 

FCACT 

N 

6 

YYMMDD 

1500      Family  education 


1501  Education 
Institute's   Name 

1502  Group   code   of 
education 


1503      Result   of 
education 


FSDtJC 


FEDNACT 


FCEACT 


FEDRES 


16 


AN       15 


Dependt    segm  of 
FAU,    lev    3, 
ssgm    15, 
repeated 


3ee    group   code 

of    education 

tbl    (20)  ,    segm 

key 

See    result   of 

education   tbl 

(16) 


1600      Payroll 


1601  Date   of  begining 
payroll 

1602  Rank    in  payroll 


PAYROLL 


DBPAY 


RKPAY 


59        Dependt    segm   of 
root,    lev   2, 
segm    16,    one 
occurr 

6         YYMMDD 

2        See    rank    tbl 


70 


(18) 

1603  Payroll  period  PERPAY  N  3        In    Month 

1604  Number  af    children        CHFAM  N  1 
authorized   family 

allowenca 

1605  Status  of    children 
authorized   family 
allowenoe 

1606  Main   salary 

1607  Wife's  family 
allowance 

1608  Children    family 
allowance 

1609  Other    family 
allowance 

1610  Obligated    reduction 

1611  Rice   reduction 

1612  Other   reduction 

1613  Total   salary 

1614  Unit   of  payroll 


STCHFAM 

N 

1 

SS2 

all 

sta 

i  children 

owanca 

tus  tbl  (5) 

MAINS  A  L 

N 

6 

In 

Rupiah 

WFALL 

N 

5 

In 

Rupiah 

CHALL 

N 

5 

In 

Rupiah 

OTALL 

N 

5 

In 

Rupiah 

OB  RED 

N 

5 

In 

Rupiah 

RCRED 

N 

5 

In 

Rupiah 

OTRED 

N 

5 

In 

Rupiah 

TOTSAL 

N 

6 

In 

Rupiah 

UN  PAY 

N 

4 

tbl 

station 
(22)  ,  segm 

1700  Security  SEC  35        Dependt    segm  of 

root,  lev  2, 
ssgm  17, 
repeated 

1701  Violation/Infringe    VTYPE     K     1    See  viola ti en/ 

infringe  type 
tbl  (23)  f  segm 
ksy 

1702  What  WHAT      N     3    See  what  tbl 

(24) 

1703  Where  WHERE  AN      15         Town     (city) 

71 


1704  When 

1705  Why 


1706      How 


WHEN 

N 

6 

YYMMDD 

WHY 

N 

5 

This  reason 
description  is 
stored  in  other 
file  with  key 
number  here 
(N  5) 

HOW 

N 

5 

Same  as  1505 

18  00      Who   invDlved 


1801  Name   involved 

1802  Personal 

identification 


1803      Profession 


WHOINV 

50 

Dependt  s 
SEC,  lev 
sagm  1 8r 
repeated 

egm  of 
3, 

INVNAME 

AN 

26 

Sagm  key 

PEHSID 

AN 

9 

Parsonai 
lumber  or 
valid  ide 
f ication 

serial 
other 

nti- 

PHOFINV 


AN   15 


1900   Measures 


1901   Type  of  action 

190  2   Start  date 

1903   Completion  date 


ME  AS 

27 

Dependt  segm  of 
SEC,  lev  3,  segm 
19,  repeated 

NMEAS 

AN 

15 

Sagm  key 

SMEAS 

N 

6 

YYMMDD 

CMEAS 

N 

6 

YYMMDD 
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